Total
8912 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-18647 | 1 Google | 1 Android | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
|
An issue was discovered on Samsung mobile devices with M(6,x) and N(7.0) software. The TA Scrypto v1.0 implementation in Secure Driver has a race condition with a resultant buffer overflow. The Samsung IDs are SVE-2017-8973, SVE-2017-8974, and SVE-2017-8975 (November 2017).
|
|||||
| CVE-2017-18646 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 4.6 MEDIUM |
|
An issue was discovered on Samsung mobile devices with M(6.x) and N(7.x) software. An attacker can bypass the password requirement for tablet user switching by folding the magnetic cover. The Samsung ID is SVE-2017-10602 (December 2017).
|
|||||
| CVE-2017-18645 | 1 Google | 1 Android | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered on Samsung mobile devices with M(6.x) and N(7.x) (Qualcomm chipsets) software. There is a panel_lpm sysfs stack-based buffer overflow. The Samsung ID is SVE-2017-9414 (December 2017).
|
|||||
| CVE-2017-18644 | 1 Google | 1 Android | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered on Samsung mobile devices with L(5.1), M(6.x), and N(7.x) software. There is a muic_set_reg_sel heap-based buffer overflow during the reading of MUIC register values. The Samsung ID is SVE-2017-10011 (December 2017).
|
|||||
| CVE-2017-18643 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue was discovered on Samsung mobile devices with M(6.x) and N(7.x) software. There is information disclosure of the kbase_context address of a GPU memory node. The Samsung ID is SVE-2017-8907 (December 2017).
|
|||||
| CVE-2017-18281 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
A bool variable in Video function, which gets typecasted to int before being read could result in an out of bound read access in all Android releases from CAF using the linux kernel
|
|||||
| CVE-2017-18169 | 1 Google | 1 Android | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
|
User process can perform the kernel DOS in ashmem when doing cache maintenance operation in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel.
|
|||||
| CVE-2017-18159 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
In Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, while processing a StrHwPlatform with length smaller than EFICHIPINFO_MAX_ID_LENGTH, an array out of bounds access may occur.
|
|||||
| CVE-2017-18158 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Possible buffer overflows and array out of bounds accesses in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05 while flashing images.
|
|||||
| CVE-2017-18154 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
A crafted binder request can cause an arbitrary unmap in MediaServer in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
|
|||||
| CVE-2017-18147 | 1 Google | 1 Android | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in MMCP, a downlink message is not being properly validated.
|
|||||
| CVE-2017-18070 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
In wma_ndp_end_response_event_handler(), the variable len_end_rsp is a uint32 which can be overflowed if the value of variable "event->num_ndp_end_rsp_per_ndi_list" is very large which can then lead to a heap overwrite of the heap object end_rsp in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
|
|||||
| CVE-2017-18069 | 1 Google | 1 Android | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper message length calculation in oem_cmd_handler() while processing a WLAN_NL_MSG_OEM netlink message leads to buffer overread.
|
|||||
| CVE-2017-18068 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper buffer length calculation in wma_roam_scan_filter() leads to buffer overflow.
|
|||||
| CVE-2017-18067 | 1 Google | 1 Android | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation while processing an encrypted authentication management frame in lim_send_auth_mgmt_frame() leads to buffer overflow.
|
|||||
| CVE-2017-18066 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper controls in MSM CORE leads to use memory after it is freed in msm_core_ioctl().
|
|||||
| CVE-2017-18065 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for vent->vdev_id in wma_action_frame_filter_mac_event_handler(), which is received from firmware, leads to arbitrary code execution.
|
|||||
| CVE-2017-18064 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for p2p_noa_info in wma_send_bcn_buf_ll() which is received from firmware leads to potential buffer overflow.
|
|||||
| CVE-2017-18063 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for nlo_event in wma_nlo_match_evt_handler(), which is received from firmware, leads to potential out of bound memory access.
|
|||||
| CVE-2017-18062 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, potential buffer overflow can happen when processing UTF event in wma_process_utf_event().
|
|||||
| CVE-2017-18061 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, potential buffer overflow can happen when processing AOA measurement event from WIGIG firmware in wil_aoa_evt_meas().
|
|||||
| CVE-2017-18060 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for resp_event->vdev_id in wma_unified_bcntx_status_event_handler(), which is received from firmware, leads to potential out of bounds memory read.
|
|||||
| CVE-2017-18059 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for vdev id in wma_scan_event_callback(), which is received from firmware, leads to potential out of bounds memory read.
|
|||||
| CVE-2017-18058 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for wow_buf_pkt_len in wma_wow_wakeup_host_event() which is received from firmware leads to potential out of bounds memory read.
|
|||||
| CVE-2017-18057 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for vdev id in wma_nlo_scan_cmp_evt_handler(), which is received from firmware, leads to potential out of bounds memory read.
|
|||||
| CVE-2017-18056 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for vdev_id in wma_unified_bcntx_status_event_handler() which is received from firmware leads to potential out of bounds memory read.
|
|||||
| CVE-2017-18055 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for wmi_event->num_vdev_mac_entries in wma_pdev_set_hw_mode_resp_evt_handler(), which is received from firmware, leads to potential buffer overflow.
|
|||||
| CVE-2017-18054 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for num_vdev_mac_entries in wma_pdev_hw_mode_transition_evt_handler(), which is received from firmware, leads to potential buffer overflow.
|
|||||
| CVE-2017-18053 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for fix_param->vdev_id in wma_p2p_lo_event_handler(), which is received from firmware, leads to potential out of bounds memory read.
|
|||||
| CVE-2017-18052 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for cmpl_params->num_reports, param_buf->desc_ids and param_buf->status in wma_mgmt_tx_bundle_completion_handler(), which is received from firmware, leads to potential out of bounds memory read.
|
|||||
| CVE-2017-18051 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for event->vdev_id in wma_rcpi_event_handler(), which is received from firmware, leads to potential out of bounds memory read.
|
|||||
| CVE-2017-18050 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for vdev_map in wma_tbttoffset_update_event_handler(), which is received from firmware, leads to potential buffer overwrite and out of bounds memory read.
|
|||||
| CVE-2017-17860 | 2 Google, Samsung | 3 Android, Gear S2, Gear S3 | 2024-11-21 | 5.7 MEDIUM | 5.7 MEDIUM |
|
In Samsung Gear products, Bluetooth link key is updated to the different key which is same with attacker's link key. It can be attacked without user's intention only if attacker can reveal the Bluetooth address of target device and paired user's smartphone
|
|||||
| CVE-2017-17771 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
In msm_isp_prepare_v4l2_buf in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-02-12, an array out of bounds can occur.
|
|||||
| CVE-2017-17770 | 1 Google | 1 Android | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in a power driver ioctl handler, an Untrusted Pointer Dereference may potentially occur.
|
|||||
| CVE-2017-17769 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
Information leakage in Android for MSM, Firefox OS for MSM, and QRD Android can occur in the audio driver.
|
|||||
| CVE-2017-17767 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, the IL client may free a buffer OMX Video Encoder Component and then subsequently access the already freed buffer.
|
|||||
| CVE-2017-17766 | 1 Google | 1 Android | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
In wma_peer_info_event_handler() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-03, the value of num_peers received from firmware is not properly validated so that an integer overflow vulnerability in the size of a buffer allocation may potentially lead to a buffer overflow.
|
|||||
| CVE-2017-17765 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, multiple values received from firmware are not properly validated in wma_get_ll_stats_ext_buf() and are used to allocate the sizes of buffers and may be vulnerable to integer overflow leading to buffer overflow.
|
|||||
| CVE-2017-17764 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, the num_failure_info value from firmware is not properly validated in wma_rx_aggr_failure_event_handler() so that an integer overflow vulnerability in a buffer size calculation may potentially lead to a buffer overflow.
|
|||||